Some fool simply scan a system for known vulnerabilities, while others may be tested against a set of defined or recommended settings known as benchmarks, policies or baselines.

01:07

Necessary. A well known vulnerability scanning tool that is free and open source and can't be run against local systems remotely across the network

01:15

Open boss or open vulnerability assessment scanner. Similarly, scans a set of targets for vulnerabilities.

01:23

Nick To is a common Web application scanner that test for Dangerous Files software. We're server application types and version numbers and even specific types of common Web application vulnerabilities.

01:33

NBS A is a Microsoft Pacific toll. It scans a system for missing updates, patches, security settings for various Windows components and other Microsoft products.

01:42

Monitoring tools can be used to do just that. Monitor various aspects of the network, its systems and it's traffic

01:49

monitoring tools. Check for traffic patterns, availability and never accuses.

01:53

Maggio's verifies the status of various service's and host within the network.

01:57

Well, then display and test whether specific hosts or service is air up. Were unavailable,

02:02

Nelson reports to uses to notify them of any outages.

02:06

Other tools, such as M R T G cacti or Net flow analyzer, collect and analyze network information for data points such as traffic sources and devices type and network consumption.

02:16

Any of these monitoring pools can identify an armless traffic patterns, repeat traffic sources and protocols on the network we're also monitoring for outages were inaccessibility, the service's and systems

02:29

interception Proxies axe Emily to normal Web proxies, but with some small caveats.

02:34

Typical Web proxy. Simply handle Web request on behalf of another entity so as not to expose that internal entity to the public facing network.

02:40

Intercepting proxies such as burp Sweet Zap Vega can be used to view, inject or manipulate the traffic destined for your Web application.

02:50

This can be handy is it allows you to test whether your Web application has run abilities and whether those vulnerabilities can be exploited by injecting certain types of Web requests. Were other data into the traffic stream

03:00

like changing the requested your oil midstream?

03:04

Such proxies can't be stand alone tools, but may also be found. His browser plug ins allow users to test your security state of their Web application.

03:12

Analytical tools are most useful at identifying and understanding aspects of your network and its systems. That could be of concern from a security standpoint,

03:20

being able to not only find but assessing analyze these potential deficiencies are crucial. Mitigating We're correcting the vulnerabilities that they expose.

03:28

Further told, Emma's in this course module are listed in an attempt to provide more insight and how these very stores operated,

03:34

and I'm not meant to advocate for anyone to over another or detested operations of any specific tool